github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity

Make sure all filehandles are closed at the end of a trasaction. See #464 and #465.

Browse Source 
Fixes a few typos in some error messages when we are over the limits.
This commit is contained in:
brectanus 2008-03-28 20:00:37 +00:00
parent b74b659114
commit aa6be1614e
4 changed files with 30 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@ -1,8 +1,10 @@
19 Mar 2008 - 2.5.1-breach1 28 Mar 2008 - trunk
--------------------------- -------------------
* Allow HTTP_* targets as an alias for REQUEST_HEADERS:*. * Allow HTTP_* targets as an alias for REQUEST_HEADERS:*.
* Make sure temporary filehandles are closed after a transaction.
14 Mar 2008 - 2.5.1 14 Mar 2008 - 2.5.1
------------------- -------------------

4
apache2/apache2_io.c
View File

@ -215,7 +215,7 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) {
/* Check request body limit (should only trigger on chunked requests). */ /* Check request body limit (should only trigger on chunked requests). */
if (msr->reqbody_length + buflen > (apr_size_t)msr->txcfg->reqbody_limit) { if (msr->reqbody_length + buflen > (apr_size_t)msr->txcfg->reqbody_limit) {
*error_msg = apr_psprintf(msr->mp, "Requests body is larger than the " *error_msg = apr_psprintf(msr->mp, "Request body is larger than the "
"configured limit (%ld).", msr->txcfg->reqbody_limit); "configured limit (%ld).", msr->txcfg->reqbody_limit);
return -5; return -5;
} }
@ -224,7 +224,7 @@ apr_status_t read_request_body(modsec_rec *msr, char **error_msg) {
int rcbs = modsecurity_request_body_store(msr, buf, buflen, error_msg); int rcbs = modsecurity_request_body_store(msr, buf, buflen, error_msg);
if (rcbs < 0) { if (rcbs < 0) {
if (rcbs == -5) { if (rcbs == -5) {
*error_msg = apr_psprintf(msr->mp, "Requests body no files data length is larger than the " *error_msg = apr_psprintf(msr->mp, "Request body no files data length is larger than the "
"configured limit (%ld).", msr->txcfg->reqbody_no_files_limit); "configured limit (%ld).", msr->txcfg->reqbody_no_files_limit);
return -5; return -5;
} }

18
apache2/msc_multipart.c
View File

@ -1100,6 +1100,12 @@ apr_status_t multipart_cleanup(modsec_rec *msr) {
for(i = 0; i < msr->mpd->parts->nelts; i++) { for(i = 0; i < msr->mpd->parts->nelts; i++) {
if (parts[i]->type == MULTIPART_FILE) { if (parts[i]->type == MULTIPART_FILE) {
if (parts[i]->tmp_file_name != NULL) { if (parts[i]->tmp_file_name != NULL) {
/* make sure it is closed first */
if (parts[i]->tmp_file_fd > 0) {
close(parts[i]->tmp_file_fd);
parts[i]->tmp_file_fd = -1;
}
if (unlink(parts[i]->tmp_file_name) < 0) { if (unlink(parts[i]->tmp_file_name) < 0) {
msr_log(msr, 1, "Multipart: Failed to delete file (part) \"%s\" because %d(%s)", msr_log(msr, 1, "Multipart: Failed to delete file (part) \"%s\" because %d(%s)",
log_escape(msr->mp, parts[i]->tmp_file_name), errno, strerror(errno)); log_escape(msr->mp, parts[i]->tmp_file_name), errno, strerror(errno));
@ -1122,6 +1128,12 @@ apr_status_t multipart_cleanup(modsec_rec *msr) {
if ((parts[i]->type == MULTIPART_FILE)&&(parts[i]->tmp_file_size == 0)) { if ((parts[i]->type == MULTIPART_FILE)&&(parts[i]->tmp_file_size == 0)) {
/* Delete empty file. */ /* Delete empty file. */
if (parts[i]->tmp_file_name != NULL) { if (parts[i]->tmp_file_name != NULL) {
/* make sure it is closed first */
if (parts[i]->tmp_file_fd > 0) {
close(parts[i]->tmp_file_fd);
parts[i]->tmp_file_fd = -1;
}
if (unlink(parts[i]->tmp_file_name) < 0) { if (unlink(parts[i]->tmp_file_name) < 0) {
msr_log(msr, 1, "Multipart: Failed to delete empty file (part) \"%s\" because %d(%s)", msr_log(msr, 1, "Multipart: Failed to delete empty file (part) \"%s\" because %d(%s)",
log_escape(msr->mp, parts[i]->tmp_file_name), errno, strerror(errno)); log_escape(msr->mp, parts[i]->tmp_file_name), errno, strerror(errno));
@ -1138,6 +1150,12 @@ apr_status_t multipart_cleanup(modsec_rec *msr) {
const char *new_filename = NULL; const char *new_filename = NULL;
const char *new_basename = NULL; const char *new_basename = NULL;
/* make sure it is closed first */
if (parts[i]->tmp_file_fd > 0) {
close(parts[i]->tmp_file_fd);
parts[i]->tmp_file_fd = -1;
}
new_basename = file_basename(msr->mp, parts[i]->tmp_file_name); new_basename = file_basename(msr->mp, parts[i]->tmp_file_name);
if (new_basename == NULL) return -1; if (new_basename == NULL) return -1;
new_filename = apr_psprintf(msr->mp, "%s/%s", msr->txcfg->upload_dir, new_filename = apr_psprintf(msr->mp, "%s/%s", msr->txcfg->upload_dir,

6
apache2/msc_reqbody.c
View File

@ -685,6 +685,12 @@ apr_status_t modsecurity_request_body_clear(modsec_rec *msr, char **error_msg) {
log_escape(msr->msc_reqbody_mp, put_filename)); log_escape(msr->msc_reqbody_mp, put_filename));
} }
} else { } else {
/* make sure it is closed first */
if (msr->msc_reqbody_fd > 0) {
close(msr->msc_reqbody_fd);
msr->msc_reqbody_fd = -1;
}
/* We do not want to keep the request body. */ /* We do not want to keep the request body. */
if (apr_file_remove(msr->msc_reqbody_filename, if (apr_file_remove(msr->msc_reqbody_filename,
msr->msc_reqbody_mp) != APR_SUCCESS) msr->msc_reqbody_mp) != APR_SUCCESS)